#​395 — July 1, 2021

Read on the Web

✍️ Several readers have written in asking if we can do more frequent recaps of popular things we've covered recently. We do an annual roundup as the final issue of each year – here's 2020's – but since we're now exactly half way through 2021, we've devoted the bottom half of this issue to a look back at some of the most popular items from this year so far :-)
Peter Cooper, editor

Node Weekly

July 2021 Security Releases of Node.js Just Released — Arriving just minutes before we hit send have come releases of all major supported branches of Node: 12.22.2, 14.17.2 and 16.4.1. Why? A high severity security issue (12.x only) and some medium severity issues outlined in this announcement post.

Daniel Bevenius

Google's New Tool for Understanding Your Dependenciesdeps.dev is an experimental project by Google that scans places like GitHub and the npm registry for package info, determines full dependency graphs, and then lets you navigate this data. Check out the express package page, for example.


Learn to use TypeScript with React — Join Steve Kinney in this extensive video course and learn how you can ship your React apps with more confidence and fewer bugs — by using TypeScript.

Frontend Masters sponsor

GitHub Copilot: An AI 'Pair Programmer' — A project that GitHub has been working on in the background for some time with OpenAI. It’s a VS Code extension that uses machine learning to suggest code snippets as you type and, yes, it plays well with Node, although some of the code generated can be a little questionable. Think of it as a source of inspiration, rather than writing your code for you.


Encoding Data for POST Requests Properly — While we’re talking Copilot, Jake noticed that an example it threw up isn’t all that great security wise, and spun it into a good lesson about creating HTTP data bodies properly, while covering things like URLSearchParams and FormData along the way.

Jake Archibald

Deploying a Serverless API to AWS with Claudia.js — Learn the bare basics of how Claudia.js can simplify deploying a serverless API to AWS Lambda by building it in a traditional Express.js style.

Godwin Ekuma

Migrating From Capybara to Puppeteer — Why Wealthfront migrated away from Selenium for end-to-end tests, the process used to convert them, and the result of the completed conversion.

Jason Chambers

💻 Jobs

Node.js Developer at X-Team (Remote) — Join the most energizing community for developers and work on long-term projects for Riot Games, FOX, Sony, Coinbase, and more.

Find a Job Through Hired — Create a profile on Hired to connect with hiring managers at growing startups and Fortune 500 companies. It's free for job-seekers.

🛠 Code and Tools

A Code Generator for Making HTTP Requests — A simple but sweet tool for defining what HTTP request you want to make (including headers, request body, and certain types of auth) and you can then copy/paste code for Node (Axios is used here), curl, fetch in the browser, or Google Apps Script (it’s JavaScript but very specific to Google’s environment).

Amit Agarwal

Malibu: Framework-Agnostic CSRF Middleware for Modern Node 🏄 — ESM first, zero-dependency, and TypeScript types are included. It’s compatible with Express, Tinyhttp, and most modern frameworks based around the core HTTP package.

Reinaldy Rafli

capture-website 2.0: Capture Screenshots of Websites — A high-level Puppeteer wrapper to make it easy to capture screenshots of websites from Node or the command-line.

Sindre Sorhus

3 Ways to Send Emails from Your Node.js App

Courier sponsor

Piscina: A Fast Worker Thread Pool Implementation — Node’s worker threads bring true multithreading to Node apps and Piscina is a pool for tracking and controlling the number of such threads.


XO: An Opinionated but Configurable ESLint Wrapper


Ora: An Elegant Terminal Spinner — Something short and sweet for your CLI tools.

Sindre Sorhus

🏆 The Most Popular Items of 2021, So Far

1.  Nine JavaScript and TypeScript ORMs for 2021 — I was surprised how well this did, so clearly a lot of people are on the look out for new data management solutions.. :-) This is a roundup, complete with code examples, showing off a variety of tools like Knex.js, Mongoose, TypeORM, Waterline, and Bookshelf.

Michael Wanyoike

2.  How to Migrate Your App from Express to Fastify — Simon Plenderleith demonstrates what makes Fastify a great alternative, and how to migrate an existing Node.js app from Express to Fastify.

Simon Plenderleith

3.  10 Best Practices to Containerize Node Web Applications with Docker — Production-grade guidelines for building optimized and secure Node-based Docker images whether for microservices, server-side rendering, or stand alone apps.

Liran Tal and Yoni Goldberg

Why Tracing Might Replace (Almost) All Logging

Lightstep sponsor

4.  An Interview with Ryan Dahl, the Creator of Node.js and Deno — Ryan created Node.js 11 years ago and in recent years has moved on to Deno where he’s attempting a new take at the same idea. This interview touches on Deno’s challenges and Ryan’s love of Rust and Vim.


5.  The Death of a Node.js Process — Writing code to do stuff is fun, but do you ever think about what happens when your creation is either ready to terminate or gets cut off in its prime? Thomas looks at some different ways Node processes can terminate and how to keep it as clean as possible.

Thomas Hunter II

6.  A Simple Start to ES Modules in Node.js — Every supported version of Node now supports ES modules, so if you haven’t dipped a toe into the ESM water yet, Kent keeps it simple and straightforward with an example here.

Kent C Dodds

7.  Tauri: A Framework for Building Desktop Apps with a Web FrontendElectron remains the big cheese in the ‘build desktop apps with JavaScript, HTML and CSS’ space but other contenders continue to come along including this Rust-based one. You still use Node under the hood and you can get running on Linux, macOS and Windows.

Tauri Contributors